Think that is scary? I cannot state about the current browser, but previous versions bypassed a lot of the NT security features. Happens when the browser is made an integral part of the OS - but for legal reasons and with apparently little concerns to security ones. martin.goudreaultat_private wrote: > > Scarry... > > I tried it with Win2K SP2 and it works! Also, tried it with a exec file (renamed > to WWW.TEST.COM) and the file executed no questions asked! Tried it with a valid > (and verified) URL name (www.novell.com) and guess what? Same results! > > Can potentially be harmful. > > Martin Goudreault > Senior Systems Support > Bombardier - AeroSpace > St-Laurent, Qc, Canada > 514-855-5001 x55488 > > "Red Pantz" <redpantzat_private> on 08/08/2001 05:17:40 PM > > To: vuln-devat_private > cc: (bcc: Martin Goudreault/Canadair/Bombardier) > Subject: Winnt/Win2k Vuln ? > > Hello all, > > I have found that if you name a file (can be any data file) a certain URL, on > your desktop, and then g0 to IE and type that url, the web site will not come > up, only the program that was named the certain.confusing? > > i.e. > > - copy autoexec.bat to ..\desktop > - rename autoexec.bat to www.google.com (can be any url) > - then go to IE and type "www.google.com" > - your batch file is then ran > > a few issues i have w/ this is: > > - the prog will only run if it is on your desktop > - if you type "http://www.google.com", for example > it will not run(unless u name your file the same thing) > - it has only been tested on Win2k SP1, Winnt 4.0 SP6a w/ IE 5.5 > - it doesn't seem to have any privelage escalation (all progs are run as the > current user logged on) > > Just want a few others to try it and see wut they think > > thanx alot > redpantz > > ------------------------------------------------------------ > [- Get your own free e-mail @ http://www.crackdealer.com -] > > ------------------------------------------------------------------------ > Name: att1.eml > att1.eml Type: MHTML Document (message/rfc822) > Encoding: base64 -- James W. Meritt, CISSP, CISA Booz, Allen & Hamilton phone: (410) 684-6566
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 12:31:14 PDT